blotus
04f3dc09f9
remove PAPI feature flag ( #2601 )
2023-12-08 14:55:45 +01:00
mmetc
23968e472d
Refact bouncer auth ( #2456 )
...
Co-authored-by: blotus <sebastien@crowdsec.net>
2023-12-04 23:06:01 +01:00
mmetc
ffadd42779
update dependency on go-cs-lib; drop the pkg/ part ( #2393 )
2023-07-28 16:35:08 +02:00
mmetc
9967d60987
errors.Wrap -> fmt.Errorf ( #2333 )
2023-07-06 10:14:45 +02:00
mmetc
5b3200173e
don't pre-create log files (not required anymore) ( #2267 )
...
The lumberjack package fixed the issue in natefinch/lumberjack#83 (tested with umask 002) and this code is now redundant since we updated the dependency to v2.2.1.
2023-06-07 12:58:35 +02:00
mmetc
025f14f879
merge system cert pool with own certs ( #2226 )
2023-05-25 10:10:58 +02:00
mmetc
534328ca30
decouple bouncer dependencies: use go-cs-lib/pkg/* ( #2216 )
...
* decouple bouncer dependencies: use go-cs-lib/pkg/trace
* decouple bouncer dependencies: use go-cs-lib/pkg/version
* decouple bouncer dependencies: use go-cs-lib/pkg/yamlpatch
* decouple bouncer dependencies: use go-cs-lib/pkg/csstring
* unused import
2023-05-23 10:52:47 +02:00
blotus
91eb39cff6
New PAPI commands: reauth + force_pull ( #2129 )
2023-03-21 14:06:19 +01:00
Thibault "bui" Koechlin
a74e424d53
support ip and cidr based whitelists for capi and 3rd party blocklists ( #2132 )
...
* support ip and cidr based whitelists for capi and 3rd party blocklist
2023-03-21 11:50:10 +01:00
blotus
16a3be49e2
do not try to load PAPI is url is not set ( #2099 )
2023-03-06 15:38:58 +01:00
Laurence Jones
8acce4637a
Option to disable remote lapi registration ( #2010 )
...
* Allow to disable remote lapi registration
* Extract method and make it extendable as a generic middleware
* Change method name so it make sense to read abort remote if <config>
* golint
2023-02-24 13:44:21 +00:00
Thibault "bui" Koechlin
1d7d377f8b
changes following BL tests ( #2038 )
...
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-02-08 10:35:21 +01:00
Thibault "bui" Koechlin
e927717fa0
Polling API Integration ( #1715 )
...
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-01-31 14:47:44 +01:00
mmetc
3fb3decf49
error if tls.key_file or cert_file are missing ( #2020 )
2023-01-26 17:12:59 +01:00
mmetc
104f5d1fe6
lint: error handling cleanup ( #1877 )
2022-11-29 09:16:07 +01:00
mmetc
66543493b5
fix nil dereference: check that httpServer is set before shutting down ( #1893 )
2022-11-28 11:55:08 +01:00
mmetc
fde9640364
Docker refactoring, tls setup ( #1869 )
2022-11-28 10:35:12 +01:00
mmetc
edced6818a
cleanup + fix flaky tests in file_test.go, apic_test.go ( #1773 )
2022-09-30 16:01:42 +02:00
mmetc
414282a2c9
golangci-lint 1.49 and related fixes ( #1736 )
2022-09-06 13:55:03 +02:00
AlteredCoder
5f62d738fc
Add no-capi flag and review some logs ( #1628 )
...
* Add no-capi flag and review some logs
2022-07-01 16:56:13 +02:00
mmetc
8e7e799304
[wip] serve metrics only after agent and/or lapi are ready; fixed some func tests ( #1613 )
2022-06-24 15:55:21 +02:00
Thibault "bui" Koechlin
1c0fe09576
Add support for certificate authentication for agents and bouncers ( #1428 )
2022-06-08 16:05:52 +02:00
mmetc
799cc82bb5
functional tests, minor refactoring and lint/cleanup ( #1570 )
...
* cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument
* updated golangci-lint to v1.46
* lint/deadcode: fix existing issues
* tests: cscli config backup/restore
* tests: cscli completion powershell/fish
* err check: pflags MarkHidden()
* empty .dockerignore (and explain the reason)
* tests, errors.Wrap
* test for CS_LAPI_SECRET and minor refactoring
* minor style changes
* log cleanup
2022-06-06 15:24:48 +02:00
mmetc
1fc9587919
fix #1283 : update and enable error reports from golangci ( #1523 )
2022-05-25 22:27:50 +02:00
mmetc
131ed1b0a7
error reporting ( #1501 )
...
* unified error reporting, removed redundancy, tests
2022-05-19 10:48:08 +02:00
Shivam Sandbhor
023ac9e138
Add trusted IPs which have admin API access ( #1352 )
...
* Add trusted IPs which have admin API access
2022-03-16 17:28:34 +01:00
Thibault "bui" Koechlin
a88848009a
fix default perms for log file ( #1177 )
...
* fix default perms
2022-01-18 16:54:02 +01:00
Thibault "bui" Koechlin
40ed810c0b
Gin upgrade ( #1174 )
...
* upgrade gin / gin-jwt, and add a new 'trusted_proxies' option to provide trusted CIDRs
2022-01-17 17:18:12 +01:00
Thibault "bui" Koechlin
6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions ( #1154 )
...
* add console command to control signal sharing
* modify metrics endpoint to add lastpush
Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-13 16:46:16 +01:00
Thibault "bui" Koechlin
950759f6d6
Output plugins ( #878 )
...
* Add plugin system for notifications (#857 )
2021-08-25 11:43:29 +02:00
Thibault "bui" Koechlin
01028d0a09
Goroutine leak hunt ( #874 )
...
* close the writers of gin loggers + kill the tomb of httpServer
* body close defer
2021-07-30 11:41:17 +02:00
Lars Lehtonen
d86ba98cff
pkg/apiserver: fix dropped error ( #700 )
...
* pkg/apiserver: fix dropped error
* pkg/apiserver: remove unused Context from APIServer{}
2021-04-07 14:51:00 +02:00
Thibault "bui" Koechlin
4bb34d8e77
fix #723 : intercept http2 stream closed errors ( #724 )
...
* fix #723 : intercept http2 stream closed errors
* factorize the 'dump stacktrace' code
2021-04-07 14:31:03 +02:00
Thibault "bui" Koechlin
cd06929e75
honor log levels for api : don't log access logs if level is warn/err ( #732 )
...
* honor log levels for api : don't log access logs if level is warn/err
* add basic test for logging of api server
2021-04-07 11:39:24 +02:00
Thibault "bui" Koechlin
6d28599efa
Ensure LAPI logs respect log_media
( #707 )
...
* if log_media is set to file, don't try to log to stdout
* use the log media no matter what
2021-03-22 17:46:55 +01:00
registergoofy
a8b16a66b1
truely don't try to send anything with empty online credentials configuration file ( #657 )
...
* truely don't try to send anything with empty online credentials config file
Co-authored-by: AlteredCoder <AlteredCoder>
2021-03-02 09:25:12 +01:00
Thibault "bui" Koechlin
7f40160f6e
only set logfile dir if media is file ( #615 )
2021-02-11 18:28:01 +01:00
blotus
260332c726
Add use_forwarded_for_headers configuration option for LAPI ( #610 )
...
* Add use_forwarded_for_headers configuration option for LAPI
* update documentation
2021-02-09 19:10:14 +01:00
Thibault "bui" Koechlin
e74f221044
Fix default configurations ( #597 )
...
* fix default perms on SQLite file
* seed the prng securely
* fix defaults to enforce certificates verification
* ensure file is within path
* ensure the directory doesn't exist beforehand
* verify certificate by default
* disable http ip forward headers
2021-02-02 14:15:13 +01:00
Thibault "bui" Koechlin
dbb420f79e
local api ( #482 )
...
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
2020-11-30 10:37:17 +01:00